The included patch adds a new option to the ssh client:
-d fd Read the password from file descriptor fd. If you use 0 for fd,
the passphrase will be read from stdin.
This is basically the same as GPG:s parameter --passphrase-fd.
Flames about why this is a bad idea goes into /dev/null. I really need to
do this. There are lots of ugly Expect-hacks out there, but I want a more
clean solution.
diff -bur openssh-3.1p1.org/readconf.c openssh-3.1p1/readconf.c
--- openssh-3.1p1.org/readconf.c Tue Feb 5 02:26:35 2002
+++ openssh-3.1p1/readconf.c Mon Apr 22 09:56:31 2002
@@ -776,6 +776,7 @@
options->port = -1;
options->connection_attempts = -1;
options->number_of_password_prompts = -1;
+ options->password_from_fd = -1;
options->cipher = -1;
options->ciphers = NULL;
options->macs = NULL;
diff -bur openssh-3.1p1.org/readconf.h openssh-3.1p1/readconf.h
--- openssh-3.1p1.org/readconf.h Tue Mar 5 02:53:05 2002
+++ openssh-3.1p1/readconf.h Mon Apr 22 10:24:06 2002
@@ -70,6 +70,7 @@
* giving up */
int number_of_password_prompts; /* Max number of password
* prompts. */
+ int password_from_fd; /* Read password from file descriptor */
int cipher; /* Cipher to use. */
char *ciphers; /* SSH2 ciphers in order of preference. */
char *macs; /* SSH2 macs in order of preference. */
diff -bur openssh-3.1p1.org/readpass.c openssh-3.1p1/readpass.c
--- openssh-3.1p1.org/readpass.c Wed Feb 13 04:05:23 2002
+++ openssh-3.1p1/readpass.c Mon Apr 22 10:27:49 2002
@@ -124,4 +124,29 @@
ret = xstrdup(buf);
memset(buf, 'x', sizeof buf);
return ret;
+}
+
+char *
+read_password_from_fd(int fd)
+{
+ ssize_t nr;
+ int i = 0;
+ char ch, *buf;
+
+ buf = xmalloc(1024);
+
+ while (1) {
+ nr = read(fd, &ch, 1);
+ if (nr == -1)
+ fatal("error while reading password from filedescriptor:
%.100s", strerror(errno));
+
+ if (nr == 0 || ch == '\n' || ch == '\r' || i >= 1024)
+ break;
+
+ buf[i++] = ch;
+ }
+
+ buf[i] = '\0';
+
+ return buf;
}
diff -bur openssh-3.1p1.org/readpass.h openssh-3.1p1/readpass.h
--- openssh-3.1p1.org/readpass.h Wed Jul 4 06:46:58 2001
+++ openssh-3.1p1/readpass.h Mon Apr 22 10:19:53 2002
@@ -16,3 +16,4 @@
#define RP_ALLOW_STDIN 0x0002
char *read_passphrase(const char *, int);
+char *read_password_from_fd(int fd);
diff -bur openssh-3.1p1.org/ssh.1 openssh-3.1p1/ssh.1
--- openssh-3.1p1.org/ssh.1 Tue Feb 19 05:27:24 2002
+++ openssh-3.1p1/ssh.1 Mon Apr 22 10:34:59 2002
@@ -51,6 +51,7 @@
.Op Fl afgknqstvxACNPTX1246
.Op Fl b Ar bind_address
.Op Fl c Ar cipher_spec
+.Op Fl d Ar fd
.Op Fl e Ar escape_char
.Op Fl i Ar identity_file
.Op Fl l Ar login_name
@@ -415,6 +416,10 @@
See
.Cm Ciphers
for more information.
+.It Fl d Ar fd
+Read the password from file descriptor fd. If you use 0 for fd, the
+passphrase will be read from stdin. Don't use this option if you can
+avoid it.
.It Fl e Ar ch|^ch|none
Sets the escape character for sessions with a pty (default:
.Ql ~ ) .
diff -bur openssh-3.1p1.org/ssh.c openssh-3.1p1/ssh.c
--- openssh-3.1p1.org/ssh.c Tue Feb 19 05:20:58 2002
+++ openssh-3.1p1/ssh.c Mon Apr 22 10:13:55 2002
@@ -312,7 +312,7 @@
again:
while ((opt = getopt(ac, av,
- "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) {
+ "1246ab:c:e:d:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) {
switch (opt) {
case '1':
options.protocol = SSH_PROTO_1;
@@ -522,6 +522,9 @@
break;
case 'F':
config = optarg;
+ break;
+ case 'd':
+ options.password_from_fd = atoi(optarg);
break;
default:
usage();
diff -bur openssh-3.1p1.org/sshconnect2.c openssh-3.1p1/sshconnect2.c
--- openssh-3.1p1.org/sshconnect2.c Tue Feb 26 19:15:10 2002
+++ openssh-3.1p1/sshconnect2.c Mon Apr 22 10:28:28 2002
@@ -435,6 +435,7 @@
return 1;
}
+
int
userauth_passwd(Authctxt *authctxt)
{
@@ -442,6 +443,12 @@
char prompt[80];
char *password;
+ if (options.password_from_fd != -1) {
+ if (attempt++ >= 1)
+ return 0;
+
+ password = read_password_from_fd(options.password_from_fd);
+ } else {
if (attempt++ >= options.number_of_password_prompts)
return 0;
@@ -451,6 +458,8 @@
snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
authctxt->server_user, authctxt->host);
password = read_passphrase(prompt, 0);
+ }
+
packet_start(SSH2_MSG_USERAUTH_REQUEST);
packet_put_cstring(authctxt->server_user);
packet_put_cstring(authctxt->service);
--
/Peter ?strand <astrand at lysator.liu.se>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1> The included patch adds a new option to the ssh client: > > -d fd Read the password from file descriptor fd. If you use 0 for fd, > the passphrase will be read from stdin. > > This is basically the same as GPG:s parameter --passphrase-fd. > > Flames about why this is a bad idea goes into /dev/null. I really need > to do this. There are lots of ugly Expect-hacks out there, but I want > a more clean solution.This is not a flame, but I wonder why you need to do this when ssh-agent is available? In particular, you mention GPG, which states in the manpage, "Don't use this option if you can avoid it." I think that the authors of gpg consider that feature to be a hack until they can finish gpg-agent (which is under developement). -Jason ----------------------------------------------------------------------- I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQE8w98cswXMWWtptckRAqi8AJ4xQQn0H+BvOBQxBSanFEDuCIQhCwCcDHJE H0YdT1YdmwWAav380DAv5P4=NxF8 -----END PGP SIGNATURE-----
> > -d fd Read the password from file descriptor fd. If you use 0 for fd, > > the passphrase will be read from stdin. > > > > This is basically the same as GPG:s parameter --passphrase-fd. > > > > Flames about why this is a bad idea goes into /dev/null. I really need > > to do this. There are lots of ugly Expect-hacks out there, but I want > > a more clean solution. > > This is not a flame, but I wonder why you need to do this when ssh-agent > is available?ssh-agent, as far as I know, only handles keys for public key authentication. I need to use the "password" authentication method. ssh-agent does not handle this, right? -- /Peter ?strand <astrand at lysator.liu.se>
On Mon, Apr 22, 2002 at 02:59:45AM -0700, Jason Stone wrote:> This is not a flame, but I wonder why you need to do this when ssh-agent > is available?you could use $SSHASKPASS
> On Mon, Apr 22, 2002 at 02:59:45AM -0700, Jason Stone wrote: > > This is not a flame, but I wonder why you need to do this when ssh-agent > > is available? > > you could use $SSHASKPASS(The variable is called SSH_ASKPASS.) It is not possible to use SSH_ASKPASS when there is a controlling terminal. Also, SSH_ASKPASS requires a DISPLAY. My first idea was actually to add a patch to force use of SSH_ASKPASS, but it seems like SSH_ASKPASS really is only meant for X11 applications (because it requires a DISPLAY). -- /Peter ?strand <astrand at lysator.liu.se>
On Mon, Apr 22, 2002 at 12:44:34PM +0200, Peter Astrand wrote:> My first idea was actually to add a patch to force use of SSH_ASKPASS, but > it seems like SSH_ASKPASS really is only meant for X11 applications > (because it requires a DISPLAY).well, this could be changed. and you could set DISPLAY=bla
> On Mon, Apr 22, 2002 at 12:44:34PM +0200, Peter Astrand wrote: > > My first idea was actually to add a patch to force use of SSH_ASKPASS, but > > it seems like SSH_ASKPASS really is only meant for X11 applications > > (because it requires a DISPLAY). > > well, this could be changed. and you could set DISPLAY=blaIn other words, do you like the solution with: * Remove the DISPLAY requirement from SSH_ASKPASS * Add an option for forcing use of SSH_ASKPASS, even if we have a controlling terminal ...better than my original patch? I could then write an askpass-program that takes an filedescriptor from an environment string, reads from the open fd and then prints to stdout. It would probably solve my problem, although it seems slightly more complicated than my -d option. -- /Peter ?strand <astrand at lysator.liu.se>
On Mon, Apr 22, 2002 at 01:09:12PM +0200, Peter Astrand wrote:> although it seems slightly more complicated than my -d option.your suggested -d just helps for one special case.
On 2002-04-22, Edward Avis <epa98 at doc.ic.ac.uk> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > On Mon, 22 Apr 2002, Peter Astrand wrote: > > ssh-agent, as far as I know, only handles keys for public key > > authentication. I need to use the "password" authentication method. > > ssh-agent does not handle this, right?> It would be cool if you could store your password in a file encrypted > with your public key. Then when ssh runs it prompts for a passphrase > to read the private key, uses that to decrypt the password and sends it > to the remote server. That way you could use a single keypair andYou could do essentially this if you had either the less-cumbersome SSH_ASKPASS setup or the read-from-fd patch, and you used a helper wrapper around gnupg to ask for a passphrase (and a dest host/account?) and spit out the right password. No caching by ssh-agent, though (you would want something like gnupg-agent). On the subject of dodgy one-off password hacks, I whipped something up last week that adds a 'Password' config option, so you can hardcode passwords in ~/.ssh/config and/or pass '-oPassword=foo' on the command line. Yes, these are both bad ideas. Patch here: http://www.theaimsgroup.com/~hlein/haqs/#openssh-passopt (I won't add this to the other openssh patches I maintain, because using it really is a bad idea in general.) -- Hank Leininger <hlein at progressive-comp.com>
On Mon, 22 Apr 2002, [iso-8859-1] Peter ?strand wrote:> > The included patch adds a new option to the ssh client: > > -d fd Read the password from file descriptor fd. If you use 0 for fd, > the passphrase will be read from stdin. > > This is basically the same as GPG:s parameter --passphrase-fd. > > Flames about why this is a bad idea goes into /dev/null. I really need to > do this. There are lots of ugly Expect-hacks out there, but I want a more > clean solution.pubkey authentication